, from our friends at the Nmap project, has updated its list of the best security tools. I'm proud to say Metasploit has come in second among an entire ecosystem of awesome tools. Many of our favorite tools that make use of Metasploit are represented as well, including BeEF, Nexpose, and Social Engineer Toolkit. John the Ripper and w3af, two open source projects that Rapid7 supports through sponsorship, also made the list.

This is a great resource for people just getting into security, giving a brief description of each tool and what it's used for. Seasoned security veterans can get something out of it, too. I learned of several new tools that I had previously never seen and I'm sure many of you will have a similar experience. You can go directly to a list of the list's newcomers if you're familiar with the previous lists. So whether you've just joined the security community or you've been around for  awhile, you should definitely check out the list, particularly the open source tools. Of course, not every tool will be applicable to everyone, but it's worth at least skimming to figure out which ones you will find useful.